The Summer of Code 2008 is soliciting application proposals. From the press release: "The SoC 2008 is an open sponsorship program where participants/developers are paid to work on OWASP (and web security) related projects." March 25 is the deadline for project applications. Check out the site and submit a proposal!

Eugene Meeting

Our next meeting is next week, Wednesday, March 26, 6:00pm-8:00pm at Symantec in the Vista Room (no relation to the OS). The address is 555 International Way, Springfield, OR. The topic is "Defending Against Cross-Site Scripting." Read more about the meeting at OWASP's Eugene Chapter site.

The kick-off meeting for the Eugene OWASP Chapter is tomorrow night (Thursday, Feb. 28). My plan is to give everyone a chance to meet each other, talk about the importance of web application security, and introduce OWASP and the free resources that OWASP provides for securing web applications.

I'm excited about it and am looking forward to building a community of folks in the area with web app security expertise. I'm also working with the Lane County Chapter of the Software Association of Oregon and I'm hoping that a development community in Eugene/Springfield with a solid foundation on application security could be turned into a distinguishing characteristic of the area: you want a secure application built in Oregon, go to Eugene/Springfield. We'll see.

In any case, working with others on these sorts of security initiatives is the kind of stuff I love to do, and it is very satisfying. The doors open at 6:00pm and the presentation begins promptly at 6:30. I'll be (or rather, K2 Digital Defense will be) providing pizza and soft drinks.

If you're reading about this for the first time here, and would like to attend, please RSVP by registering for the event at:

Thanks go to the Eugene Water & Electric Board for providing the space for this meeting. EWEB furnishes public meeting rooms as a community service and does not sponsor or endorse activities or groups using EWEB's facilities.

The Open Web Application Security Project is an international community of people focused on improving application security. Their work, including a great set of tools, is available for free under an open source license. You can read all about OWASP at their web site. Take a look, play with some of the tools, and then join in.

For folks in and around Eugene, Oregon, we're kicking off a local OWASP Chapter. Local chapters are all about learning and networking. No sales. No vendor pitches. The meetings are going to be a great way to spend a fun evening with folks who are interested in software security, hacks, and defenses.

If you're in the area feel free to drop by. Meeting times and locations will be announced on the Chapter web site, and on the mailing list. The mailing list is also a great place to suggest topics you'd like covered at the meetings or to ask application security questions.

Dedication

My grandfather had a wonderful shop in his basement. To me, it was a place of mystery and fascination, and I would spend hours wandering through it, looking at all the tools and projects in various states of completion. Not being much of a wood worker, I've never had the need for such a shop (not to mention that I lack a basement), but recently it occurs to me that my gear, computers, and software are my shop. This site is for my late grandfather and everyone else who takes personal pride in carefully executed work.